Community
cancel
Showing results for 
Search instead for 
Did you mean: 
bitflipper101
Beginner
418 Views

SGXDataCenterAttestationPrimitives linux driver installation instructions

Jump to solution

following driver/linux installation instructions, after running `make` and `make clean`, it says "With root priviledge, copy the sources to /usr/src/sgx-<version>/"

What is meant by sources in this context?

These are the files in the dir.

-rw-r--r-- 1 root root 249 Sep 2 16:55 version.h
-rw-r--r-- 1 root root 3314 Sep 2 16:55 sgx_wl.h
-rw-r--r-- 1 root root 1807 Sep 2 16:55 sgx.h
-rw-r--r-- 1 root root 8851 Sep 2 16:55 README.md
-rw-r--r-- 1 root root 635 Sep 2 16:55 Makefile
-rw-r--r-- 1 root root 20064 Sep 2 16:55 main.c
-rw-r--r-- 1 root root 2391 Sep 2 16:55 License.txt
-rw-r--r-- 1 root root 21963 Sep 2 16:55 ioctl.c
drwxr-xr-x 3 root root 4096 Sep 2 16:55 include
-rw-r--r-- 1 root root 5892 Sep 2 16:55 encls.h
-rw-r--r-- 1 root root 3912 Sep 2 16:55 encl.h
-rw-r--r-- 1 root root 21259 Sep 2 16:55 encl.c
-rw-r--r-- 1 root root 886 Sep 2 16:55 driver.h
-rw-r--r-- 1 root root 5147 Sep 2 16:55 driver.c
-rw-r--r-- 1 root root 200 Sep 2 16:55 dkms.conf
-rw-r--r-- 1 root root 10594 Sep 2 16:55 arch.h
-rw-r--r-- 1 root root 115 Sep 2 16:55 10-sgx.rules

recursively coping those files and then running the following commands:

$ sudo dkms add -m sgx -v <version>
$ sudo dkms build -m sgx -v <version>
$ sudo dkms install -m sgx -v <version>
$ sudo /sbin/modprobe intel_sgx

sudo /sbin/modprobe intel_sgx results in: "modprobe: ERROR: could not insert 'intel_sgx': No such device"

0 Kudos
1 Solution
JesusG_Intel
Moderator
360 Views

Hello bitflipper101,


Make sure your aesmd service is running.


$ ps aux | grep -i aesm

$ sudo systemctl start aesmd

$ cat /var/log/syslog | grep -i aesm


View solution in original post

7 Replies
JesusG_Intel
Moderator
407 Views

Hello bitflipper,


Please provide us which processor you are using and operating system. In order to use DCAP, your processor must support Flexible Launch Control (FLC). Run the following command to find out if your processor supports FLC:


$ cpuid | grep sgx



bitflipper101
Beginner
401 Views

Hey JesusG,

cpuid | greg SGX gives:

      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false

 

IntelSupport
Community Manager
392 Views

Hello bitflipper101,


Please make sure that SGX is enabled in your BIOS. Your output shows that both sgx1/2 supported are both false. This means that SGX is not enabled in your BIOS.


You can see what the outputs mean in this webpage: https://github.com/ayeks/SGX-hardware#test-sgx


bitflipper101
Beginner
367 Views

Ok thank you. It is a cloud hosted machine and had assumed they already had enabled in BIOS.

Cpuid | grep SGX now returns:

SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1)

Running the Sample Code LocalAttestion is still resulting in a "failed to load enclave". Do I need to re-install something with SGX now enabled in BIOS?

Tags (1)
JesusG_Intel
Moderator
361 Views

Hello bitflipper101,


Make sure your aesmd service is running.


$ ps aux | grep -i aesm

$ sudo systemctl start aesmd

$ cat /var/log/syslog | grep -i aesm


View solution in original post

JesusG_Intel
Moderator
343 Views

Hello bitflipper101,


Do you still need help with this issue?


JesusG_Intel
Moderator
332 Views

Hello bitflipper101,


I have not heard back from you so I will close this inquiry now. If you need further assistance, please post a new question.


Reply